Chinese Hardware Hack Shows That the U.S. Needs More Than Tariffs to Contain the Dragon

Chinese Hardware Hack Shows That the U.S. Needs More Than Tariffs To Contain the Dragon

Bloomberg/Business Week this morning broke the most disturbing spy story in years: Chinese cyber-spies embedded a secret back door onto computer motherboards intended for super-secret CIA cloud computing. The techies at Amazon Web Services discovered one particular back door in hardware built by Chinese subcontractors for Supermicro of San Jose, California, one of the world's biggest suppliers of motherboards.

Bloomberg reports:

Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.

One country in particular has an advantage executing this kind of attack: China, which by some estimates makes 75 percent of the world’s mobile phones and 90 percent of its PCs.

Let that sink in: the U.S. Department of Defense uses Chinese computer components because they are NOT manufactured in the United States of America. U.S. counterintelligence found one back door. We have no idea how many more back doors are out here.

The level of technological skill required for this sort of "seeding" attack is impressive, according to Bloomberg. This isn't like planting a microphone in a flower pot:

To actually accomplish a seeding attack would mean developing deep understanding of a product’s design, manipulating components at the factory, and ensuring that the doctored devices made it through the global logistics chain to the desired location -- a feat akin to throwing a stick in the Yangtze River upstream from Shanghai and ensuring that it washes ashore in Seattle.

“Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and the founder of Grand Idea Studio Inc. “Hardware is just so far off the radar, it’s almost treated like black magic.” But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army.

It's been obvious for years that the United States needs to bring high-tech manufacturing onshore for national security reasons -- whatever the economic consequences. The Pentagon procurement system favors the bottom line of an oligopoly of defense contractors. Chinese hardware is cheaper and the globalized supply chain has been a bonanza for the defense industry. The Pentagon's hardware requirements, moreover, are a tiny fraction of the American market. Building chip foundries in the U.S. for national security reasons will cost a lot more.